Thursday, April 27

The candidate recommendations are, so far, not captured in the report – . Let's confirm today which ones we "believe in", and add any others, and then put them in the report.

Kathleen notes that ONC is beginning work on a trust framework/contract. Hopefully

Our WG recommendation: How about: Spin up a WG to develop on blockchains and smart contract good practice on use and handling of data related to individuals so as to facilitate individual autonomy [and enable equitable and efficient participation in transaction ecosystems?].

John talks about knowledge, choice, and control as the three axes of autonomy. Ecosystems typically constrain autonomy.

Add to potential liaison relationships: ONC and HL7.

The recommendation we want to make has a pretty sharp audience, set of outputs, set of activities, and set of directions for next steps.

We've talked from time to time about the UMA Legal subgroup possibly spinning up as its own group. Maybe there's something to think about here – combining forces, or two separate WGs? Maybe a "Legal WG" with Kantara-wide scope would make sense; John repeats himself in Legal, CIS, a lot. It would need to be able to produce technical specs as well (that is, have the right IPR policy for that).

Kickstarting the good practice work: We want to recommend to all the "legal capacity to contract" (parties/counterparties) people that they should be using identity standards and, as much as possible, standard claim catalogs so that they can get the benefit of standard flows and standard claim/attribute semantics. (Point to "Analysis of Integrating Legal Contracts and Smart Contracts" section.)

Eve made up an editing task list for herself and Thomas. Keep an eye on report changes.

AI: All: Please review the Report and comment in it or on the list! Keep in mind we're at the very end.

AI: Eve: Ask for one more meeting next Thursday. It's the LAST ONE.

Thursday, April 20

Matisse recommends carrying on with research. She suggests research on smart contracts, specifically around economics and the global market, such as crossing jurisdictions, observing the reality of how things really work, and reshaping how the approach should work.

Colin had pointed out that Kantara is a liaison organization to ISO SC27 WG5 on blockchain and electronic DLTs, and "we can become involved and contribute if we wish to". (See the resolutions Colin passed along from their first meeting in Sydney in April.) From observing that work through the Standards Council of Canada, John thinks ISO's work will move perhaps more slowly than Kantara's ability to comment. We could reasonably check back in 18 months. Kantara's mechanism for liaison is through a specific liaison subcommittee, which is able to see any non-public documents by request every six months.

With respect to timeline, is everything way too early? Is it a matter of early or are there some evergreen truths?

Do we want to make recommendations about what (or what transactions) should be put on blockchains and with what protections? Even if there is already conventional wisdom about not putting personal data on a public blockchain, maybe that needs to be formalized! Apparently not everyone knows that. As Andrew says: "Common sense is not common."

Can we think of ourselves as risk assessors about blockchain? Or if not "blockchain" generally, the imperatives we have identified?

Candidate recommendations:

Spin up a (just one?) WG to develop good practice on use and handling of identity data in an empowering and privacy-sensitive fashion on blockchains and smart contracts

Influencing those who are building blockchain systems, including those who are building blockchain-based identity systems and those who are building Bitcoin-, Ethereum-, and Hyperledger-based applications

Influencing policymakers and legal experts

Potential liaison relationships

ABA (Tom Smedinghoff)

Kantara IRM

Sedona

Legislators (how to reach?)

ISO SC27 WG5

Next meeting: Thursday, April 27

Thursday, April 13

At this point, people have had many chances to review most of the Report content; only a few pieces are new (though there are some holes yet to be filled). Most particularly, we need to decide on our Recommendations.

Figure 1 highlights the need for a hashed data management system and an addressing management system, above and beyond native blockchain capabilities. Further, IAM infrastructure is separate. Thomas created this figure to point out the "stack" of needs. John W suggested adding the identities/entities on "either end". This is a key insight.

Eve suggest that we all review the Report's observations, make candidate recommendations, and discuss and begin selecting them by next Thursday. We need to finish our work by the end of April.

Matisse suggests that our recommendations should be about future research. Ethereum is under so many attacks that certain projects keep being pushing out.

Susan notes that there is legislation starting up in 10 or more states. Should we develop guidance around legislation?

Keep in mind Kantara's specific opportunities for recommendations. Kantara could develop a specific liaison relationship with this ISO committee, for example.

We agreed to meet next Thursday, and negotiate any further meetings at that time, with no meetings beyond May 1 in any case!